<?php
/**
 *	@author Jacken
 * 
 *	- User Object
 *	- Save Info of User to Database
 */
include_once('UserDetail.php');
include_once('db_connect.php');

class User {

	private $userID;
	private $userName;
	private $passWord;
	private $isOnline;
	private $avatar;
	private $destroy;

	private $connect;
	private $mysqli;

	function connect() {
		$this->connect = new Connect();
		$this->mysqli = $this->connect->getMysqli();
	}

	//$userDetail = new UserDetail();
	function User() {
		$this->userID = "";
		$this->userName = "";
		$this->passWord = "";
		$this->isOnline = 0;
		$this->destroy = 0;
	}

	function getUserID() {
		return $this->userID;
	}

	function setUserID($value) {
		$this->userID = $value;
	}

	function getUserName() {
		return $this->userName;
	}

	function setUserName($userName) {
		$this->userName = $userName;
	}

	function getPassWord() {
		return $this->passWord;
	}

	function setPassWord($passWord) {
		$this->passWord = $passWord;
	}

	function getIsOnline() {
		return $this->isOnline;
	}

	function setIsOnline($isOnline) {
		$this->isOnline = $isOnline;
	}

	function getDestroy() {
		return $this->destroy;
	}

	function setDestroy($destroy) {
		$this->destroy = $destroy;
	}

	function getAvatar() {
		return $this->avatar;
	}

	function setAvatar($value) {
		$this->avatar = $value;
	}

	/**
	 *	INSERT new USER OBJECT
	 *	
	 * 	- input is an user object
	 * 	- return UserID of the user have just saved
	 */
	function insert($user) {

		// Get info from User object
		$userName = $user->getUserName();
		$passWord = $user->getPassWord();

		

		// Ma hoa mat khau md5()
		$passWord = md5($passWord);

		$this->connect();

		try {
			// sql query
			$sqlInsert = "INSERT INTO USER 
						(UserName, PassWord) 
						VALUES 
						(?, ?)
						";

			// Prepare query.
			$prInsert = $this->mysqli->prepare($sqlInsert);
			// check
			if($prInsert) {
				// If prepare Statement is true.
				// Bind.
				$prInsert->bind_param('ss', $userName, $passWord);
			} else {
				echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
			}

			// execute sql query
			if(!$prInsert->execute()) {
				echo "Error execute: (". $prInsert->errno. ") " .$prInsert->error;
			}

			// Get the newest id
			$user->setUserID($this->mysqli->insert_id);


			$prInsert->close();
			$this->mysqli->close();
		} catch (Exception $e) {
			echo $e->getMessage();
		}

		// Return newest id when insert data into database
		return $user->getUserID();
	}

	/**
	 *	Function check username and password when user Sign-in to website
	 *	- input is User object
	 *
	 *	Get result and compare password with $user
	 *	if it is correct
	 *		- Start session, save $_SESSION['userName']
	 *		- return true
	 *	else
	 *	 	- return false
	 */
	function checkSignIn($userName, $passWord) {

		$this->connect();
		$passWord = md5($passWord);

		$sql = "SELECT UserID, UserName, PassWord FROM USER 
				WHERE (UserName = ?) AND (PassWord = ?)";

		// prepare statement
		$prSelect = $this->mysqli->prepare($sql);

		//Check prepare statement
		if(!$prSelect) {
			echo "Prepare statement failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		//bind
		$prSelect->bind_param('ss', $userName, $passWord);

		// Execute.
		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}

		$results = $prSelect->get_result();		

		if($rows = $results->fetch_assoc()) {

			session_start();

			// Get result
			//$rows = $results->fetch_assoc();

			$_SESSION['USER_ID'] = $rows['UserID'];
			$_SESSION['USER_NAME'] = $rows['UserName'];

			// Update is online
			
			return true;
		}
		return false;
	}

	function getUser($userID) {

		$user = new User();

		$this->connect();

		$sql = "SELECT UserName, isOnline FROM USER WHERE UserID = ? AND Destroy = 0";

		$prSelect = $this->mysqli->prepare($sql);

		if(!$prSelect) {
			echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		//Bind
		$prSelect->bind_param('i', $userID);

		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}

		// Get result
		$result = $prSelect->get_result();
		$row = $result->fetch_assoc();

		$user->setUserID($userID);
		$user->setUserName($row['UserName']);
		$user->setIsOnline($row['isOnline']);

		return $user;
	}

	/**
	 *	Function: getFriendsList
	 *	
	 *	- get friends list of $userID
	 *	- return an array of User object
	 *
	 */
	function getFriendsList($userID) {

		$friends = array();
		$i = 0;
		$this->connect();

		$sql = "SELECT FriendID FROM FRIENDSLIST WHERE UserID = ?";

		$prSelect = $this->mysqli->prepare($sql);

		if(!$prSelect) {
			echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		// Bind data to prepare statement
		$prSelect->bind_param('i', $userID);

		// Execute Select statement
		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}
		//Tra ve mang cac doi tuong User co trong friends list
		// Get result
		$result = $prSelect->get_result();

		while($row = $result->fetch_assoc()) {
			$friendID = $row['FriendID'];
			$user = new User();

			$user = $user->getUser($friendID);
			//var_dump($user);
			$friends[$i] = $user;
			$i++;
		}

		//Tra ve danh sach friends
		return $friends;
	}	

	/**
	 *
	 *
	 */

	function getMessageList($userID) {

	}

	function getUserList($key) {

		$users = array();
		$i = 0;
		$this->connect();
		$key = "%".$key."%";

		$sql = "SELECT UserID, UserName, Avatar FROM USER WHERE UserName LIKE ?";

		$prSelect = $this->mysqli->prepare($sql);

		if(!$prSelect) {
			echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		// Bind data to prepare statement
		$prSelect->bind_param('s', $key);

		// Execute Select statement
		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}
		//Tra ve mang cac doi tuong User co trong friends list
		// Get result
		$result = $prSelect->get_result();

		while($row = $result->fetch_assoc()) {

			$userID = $row['UserID'];
			$userName = $row['UserName'];
			$avatar = $row['Avatar'];

			$user = new User();

			$user->setUserID($userID);
			$user->setUserName($userName);
			$user->setAvatar($avatar);
			//var_dump($user);
			$users[$i] = $user;
			$i++;
		}

		//Tra ve danh sach friends
		return $users;
	}

/*
	function Update($user) {

		$this->connect();
		$userID = $user->getUserID();
		$password = $user->getPassWord();

		$sql = "SELECT PassWord FROM USER WHERE UserID = ? AND Destroy = 0";

		$prSelect = $this->mysqli->prepare($sql);

		if(!$prSelect) {
			echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		//Bind
		$prSelect->bind_param('i', $userID);

		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}

		// Get result
		$result = $prSelect->get_result();
		$row = $result->fetch_assoc();

		$db_pass = $row['PassWord'];

		if($db_pass != $user->getPassWord()) {
			return "incorrect pass";
		}

		$sqlUpdate = "UPDATE USER SET (PassWord) VALUES (?) WHERE UserID = ?";
		$prUpdate = $this->mysqli->prepare($sqlUpdate);

		if(!$prUpdate) {
			echo "Prepare failed: (" .$this->mysqli->errno. ") " .$this->mysqli->error;
		}

		//Bind
		$prSelect->bind_param('i', $userID);

		if(!$prSelect->execute()) {
			echo "Execute Error: (" .$prSelect->errno. ") " .$prSelect->error;
		}
		return $user;
	}
	*/
}
?>